Skip to content

Instantly share code, notes, and snippets.

@exonomyapp

exonomyapp/Secrets Management with Coolify.md

Created October 6, 2024 07:22
Show Gist options
  • Save exonomyapp/2cc22821e4bd019a90ccae182e501aae to your computer and use it in GitHub Desktop.
Save exonomyapp/2cc22821e4bd019a90ccae182e501aae to your computer and use it in GitHub Desktop.
Download ZIP
Secrets Management with Coolify
Raw
Secrets Management with Coolify.md

Managing secrets in Coolify for your production website involves securely storing sensitive information, such as API keys, tokens, and environment variables, in a way that your application can access them during deployment or runtime. Here's a step-by-step guide to manage secrets in Coolify:

1. Access Your Project's Configuration

  • Go to the Coolify dashboard.
  • Navigate to the "Projects" tab.
  • Select your production website project (in your case, exosystems_nuxt).

2. Navigate to Environment Variables

  • Inside your project settings, click on the "Environment Variables" section from the left sidebar.
  • This section allows you to add, update, and remove environment variables (including secrets) for your project.

3. Add New Secrets

  • Click the "+" or "Add Variable" button to create a new environment variable.
  • In the "Name" field, input the key name (e.g., API_KEY, DATABASE_URL).
  • In the "Value" field, input the actual secret value.
  • Make sure to select the "Secret" option if you want Coolify to mask the value so it doesn't show up in logs or the UI.

4. Assign Secrets to Different Environments

  • If your project has different environments (e.g., production, staging), ensure you're adding secrets to the correct environment.
  • You can create environment-specific secrets, which allows you to have different configurations (like API_KEY for production and API_KEY for development).

5. Apply Changes

  • After adding or modifying secrets, save the changes.
  • You can then Redeploy your project to apply the new environment variables to the running application.

6. Review Deployment Logs for Secrets Usage

  • After deploying, check your Logs to ensure that the application is picking up the correct environment variables.
  • The logs will mask sensitive data but should still show if the environment variable is correctly configured.

7. Using Environment Variables in Nuxt3

  • If you're using secrets for your Nuxt3 project, make sure that the nuxt.config.ts is configured to use environment variables properly. For example:

    export default defineNuxtConfig({
  runtimeConfig: {
    public: {
      apiKey: process.env.API_KEY, // Accessible to client-side
    },
    privateApiSecret: process.env.PRIVATE_API_SECRET, // Accessible only on server-side
  }
})

8. Update or Remove Secrets

  • If you need to update or remove a secret:
    • Simply go back to the Environment Variables section and either edit or delete the variable.
    • If the secret is tied to a repository or webhook, ensure you remove it from the Source or Webhooks section.

9. Check for Linked Secrets

  • In cases where you’re trying to manage GitHub or other integrations, secrets may also be stored or linked under Keys & Tokens or Source sections. Review those to see if your GitHub app or any SSH keys are linked to the production site.

By following this process, you can ensure that all sensitive data is securely managed within Coolify, reducing the risk of exposure in your production website setup.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment